Analytics Engines

COBALT Grant Manager

Automates the process of checking grant applications to detect non-compliant or fraudulent applicants. Applies text analytics to streamline and automate the process, manage assessor matching and visually highlighting highly similar applications or flagging applications requiring further human investigation.

Features

• Automated assessor allocation using text analytics and rules-based algorithms
• Text analytics to check for anomalies, trends, or undeclared re-submissions
• Highly visual UX to review the output of analytical models
• Highlighting algorithm to visualise applications identified as highly similar
• Analytics algorithms to rank suitability of assessors for each application
• Analytical model extracts topics from applications and assesses topic coherence
• Analytical model matches application and assessor topic distributions
• Create automated tailored and dynamic reporting and notifications
• Automation of manual grant checking process
• GDPR and ISO27001 compliant

Benefits

• Automation of manual grant application checking process delivers efficiencies
• Enhanced automated identification of fraudulent applications
• Automatically highlights undeclared application re-submissions
• Automation of most appropriate assessor to application matching
• Free up time for business-critical operations
• Real-time view of assessor allocation
• Maximise spread of relevant skills in the assessor panel
• Improved real-time holistic view of competition progress and application status
• Improved assessor matching to applications
• Workflows and automatic notifications improve assessor experience and productivity

£6,250 a unit a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@analyticsengines.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

193586902596003

Contact

Scott Fischaber
02890669022
info@analyticsengines.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: Planned maintenance is typically scheduled during Analytics Engines support hours.
• System requirements: Debian, Ubuntu or Red Hat OS operating systems

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response to support emails are typically within 1 working day (normally within 1 hour).
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Analytics Engines provides basic support for the service, from level 1 to level 3 as part of the cost and provide a technical account manager to oversee and manage the engagement. Enhanced support (out of hours, phone, on-site, additional training) can be provided at additional cost.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: User documentation is provided and remote onboarding sessions are held with the buyer's team. Onsite training can be provided for additional cost upon request.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The source data and the results of the COBALT processing can be downloaded in CSV format at the end of the contract.
• End-of-contract process: At the end of the contract, the buyer should either renew their license with Analytics Engines or they should terminate usage of the service and export any data that they want from the system. In the case of deployment within the buyers systems, they should remove the service and provide Analytics Engines with confirmation that the service has been removed. Where Analytics Engines hosts the service, we will shutdown the service and delete the data.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: COBALT provides an API to upload data, monitor the data processing status and also to get and download the results output from the analytic models. The API is available once COBALT is deployed.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Users can set thresholds for similarity between applications, number of assessors to be assigned per application in a call, and overall total number of applications an assessor can review. All grant management users can customise this data for their call through the application.

Scaling

• Independence of resources: Each customer has their own deployment of COBALT Grant Manager.

Analytics

• Service usage metrics: Yes
• Metrics types: Data can be stored on access to the APIs and status of various tasks provided within the service for administrative and security reasons. The data can be provided as logs, feed to upstream systems, or aggregated for analysis within dashboards.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: The COABLT Grant Manager UI and API provide functionality for users to download data and results of the workflow and processing in CSV format.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: High-Availability can be provided on demand based on customers specific application demands, but target availability better than 95% is expected.; In the event of a fault within COBALT , Analytics Engines will provide a response from front line support within 1 business day (Normal response time is 1 hour) outlining resolution steps.; Events are expected to be resolved within 2 business days of resolution plan providing at least a workaround to downgrade the criticality.; This SLA covers the COBALT software solution. This SLA does not cover services provided by the customer that COBALT utilises (e.g. Cloud/Server infrastructure, API availability, Data changes, DB access, etc.). This SLA does not cover Incidents caused by User’s negligence, abuse, misapplication or use of the COBALT service other than as specified in the COBALT Service Description or other causes beyond the control of COBALT.
• Approach to resilience: Once on-boarded, COBALT installation and configuration is completely automated. In the event of a catastrophic system failure the complete system can retargeted to a new environment (Cloud, virtual machines, etc) and be redeployed. This process typically takes 2 hours to complete at which point backup data can begin to be loaded. The COBALT database is separated from the application which allows normal IT management including backup/restore following the business unit policies for the configuration of COBALT. In the event of a backup recovery being required the backup data is used to re-populate COBALT to the previous backup snapshot.
• Outage reporting: COBALT includes a monitoring component. The monitoring component can provide a dashboard or API that users can log into to see reports and charts regarding service availability and any outages. Email alerts can be configured.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Management interfaces require authentication in the form of either username/password or public key authentication.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Intertek
• ISO/IEC 27001 accreditation date: 28/03/2024
• What the ISO/IEC 27001 doesn’t cover: All of Analytics Engines operations and provision of data and analytics software and services are included in the scope.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Policy Manual; AE have a policy manual in place which demonstrates how the company meets the requirements of the Information Security Management System – ISO 27001. It includes the policy, responsibilities, and acts as a signpost to related system documentation.; ; Policy and Procedure Documents; Policy and Procedure Documents have been prepared to cover situations where their absence could lead to deviations from the company’s Information Security objectives and would introduce or elevate Information Security risks to unacceptable levels. ; ; Internal Management; Analytics Engines has an ISMS coordinator who is responsible for the day-to-day tasks of ISO 27001. Ultimate responsibility of the system lies with the the ISMS owner who reports to company directors. We have assigned IT team members who deal with technical tasks on a daily basis.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Service components are versioned and kept under source control in private software repositories. A staging/pre-production system is maintained which is updated with the most recent build each night. All code changes are reviewed for functionality and security before being released to staging. Any changes to production service components are subject to buyer user review and functional regression testing on this staging system prior to release to production.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Vulnerability management patching follows ISO 27001 processes. Potential threats to the service are identified through a variety of means: including regular Penetration Testing, subscription to industry standard threat information system vulnerability listings, and regular OS and software level release information. Our aim is to patch critical vulnerabilities within 14 days, ideally within 7 days.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: The service collects relevant accounting and audit information. Administrators can examine the audit information and in the case of finding any suspicious activity request support from Analytics Engines for further investigations. Specific triggers and alerts can be defined in collaboration with the buyer. Where possible the system will be locked down while analysis of compromises takes place before being restored - where possible from a backup prior to any compromise.
• Incident management type: Supplier-defined controls
• Incident management approach: Incident management events are captured following an ISO27001 policy. Users (internal, external) have a specified contact for incident management reports. Once an incident is raised, an investigation is started to look into an event; determine scope and scale of the incident; and devise response timelines and strategy. Once an investigation is concluded a report is generated which can be provided to the user.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We deliver digital projects that equip our clients to make better data based decisions, removing the need for printing paper documentation and enabling improved efficiencies. We also educate and empower staff to take action – working from home, cycle to work, online meetings; establish company baseline to understand our impact; measure and improve; and influence our customers and stakeholders.

  Covid-19 recovery

  We continue to work with a range of public sector organisations delivering data analytics solutions and support that enables them to better understand the impacts of the pandemic and to make data based policy and decisions about the nature of support they will implement.

  Tackling economic inequality

  As a rapidly growing Belfast based company in a high growth technology sector we always seek to create employment and training opportunities locally. We are open to working and partnering with new and small businesses to enhance our delivery capability and provide them with opportunities for growth.

  Equal opportunity

  At our organization, we are committed to addressing and remedying inequality in employment, skills, and pay within the contract workforce. We recognize that this is a complex issue that requires a ; multifaceted approach, and we have taken significant steps to make a positive impact. This includes: Equal Opportunity Hiring, Training and Skill Development, Fair Compensation Practices, Mentorship and Career Advancement, Supplier Diversity, Regular Monitoring and Reporting, and Community Engagement.

  Wellbeing

  At Analytics Engines, we are deeply committed to data-driven solutions that not only transform organisations but also positively impact the communities we serve and ensure the wellbeing of our staff. Our core values revolve around harnessing the power of data to enhance community well-being alongside a “do no harm” ethos. Our commitment to this endeavour involves harnessing data for precise community understanding and engagement, which is a cornerstone of our data-driven approach. We emphasize co-design with the community, where data-driven insights inform the design of goods, services, and works under the contract. We believe in data-driven inclusivity. Our past projects highlight how we've integrated inclusivity and accessibility into data-driven solutions. We understand the need for flexibility in the face of evolving community needs and our commitment extends to our workforce through employee volunteering schemes. Wellbeing is integrated into all employment, projects and company activities; we implement: flexible holidays, flexible working, health insurance, mental health hotline, gym membership, and support for personal charitable time.

Pricing

• Price: £6,250 a unit a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@analyticsengines.com. Tell them what format you need. It will help if you say what assistive technology you use.